Are you and your patients protected?
On August 9, 2013 www.healthcareitsnews.com announced that
"The protected health information of some 32,000 patients across 48 states has been compromised after a health IT vendor's firewall was down for more than a month, allowing, in some cases, for patient data to be indexed by Google, officials announced Thursday. Hospitalist and intensivist company Cogent Healthcare, based in Nashville, Tenn., contracted with Las Vegas-based medical transcription and software vendor M2ComSys to transcribe care notes dictated by physicians. M2 stored protected health information on what was supposed to be a secure Internet site. The site, in reality, had its firewall down. The access to these notes through the site began May 5, 2013, and ended following Cogent Healthcare’s discovery of the lapse on June 24, 2013. Patient data compromised included patients names, physician names, dates of birth, diagnosis description, treatment data, medical history and medical records numbers.
In response to the HIPAA breach, Cogent Healthcare has terminated its relationship with M2ComSys and has taken physical possession of the hardware in use at M2. They are also in the process of confirming with Google that it has removed all evidence of PHI from its files, officials say.
"We're just one of a couple dozen hospitals that had patient information unsecured," said Craig Cooper, spokesperson for Davenport, Iowa-based Genesis Health Systems. Cooper said some 1,160 patients Genesis patients had their PHI compromised.
According to Cogent officials, 32,000 patients seen at many of the company's physician groups in Arizona, California, Florida, Georgia, Iowa, Illinois, Kentucky, Massachusetts, Mississippi, Montana, New Jersey, New York, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas, Washington, Wisconsin were affected by the breach.
This is the second HIPAA breach for Cogent Healthcare, according to data from the Department of Health and Human Services."
Precision Med Networks provides a full Managed IT Security solution
to keep you and your patients protected from embarrassing and costly scenarios like the one above.
How does it work?
SYSTEMS MONITORINGReal-time monitoring and alerting
System Scanning and Auditing Early warning signs of threats |
ADMINISTRATIONRole based Authorization and Acess Control
Email and Web filtering Email and Data Encryption Asset Inventory Secure file exchange |
CONSULTINGBreach testing and Audits
IT Policy forming and Guidance to Layered Security improvements Business association agreements |